DAST Scanning
DAST Scan Modes
Full (Active) Web App Scanning
3min
the scanmode=fullscan option loads a ruleset that is tuned for performing attack based scans against web applications additionally some baseline passive rules will be run large more comprehensive ruleset actively tries to attack the site through common vulnerabilities and attack techniques longer running than a passive scan, but more thorough testing running a scan to run a active scan all you need is the url of the site to scan and the dast cli will do the rest, including crawling the site to find additional pages and resources to test docker run it soosio/dast clientid=\<soos client id> apikey="\<soos apikey>" projectname="\<project name>" scanmode=fullscan https //url to test further configurations running authenticated dast scans docid 0wmgc4eqb 1saulseahnt excluding dast scan rules docid 1hh1sr62 gxmfmneie6g adjusting scan times docid\ vizjose7ku 8zlrqxt2br excluding urls from being scanned docid\ qplvu4pihbwlfa5biwvqp